package com.nuanshui.heatedloan.extension.shiro;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.springframework.security.crypto.password.PasswordEncoder;

import com.nuanshui.framework.security.MD5Util;

/**
 * shiro进行校验的类。
 * @author Gonzo
 * @date 2017年1月11日
 */
public class ApiCredentialsMatcher implements CredentialsMatcher{
	
	private PasswordEncoder pwdEncoder;
	

	@Override
	public boolean doCredentialsMatch(AuthenticationToken token,
			AuthenticationInfo info) {
		char[] tokenCredentials =  (char[])token.getCredentials(); //带过来的密码
		StringBuilder sb = new StringBuilder();
		for(char c : tokenCredentials){
			sb.append(c);
		}
		Object accountCredentials = info.getCredentials();//数据库的密码
		String pwd = MD5Util.md5(sb.toString()).toLowerCase();//得到小写的md5值。
		return pwdEncoder.matches(pwd, accountCredentials.toString());
	}
	
	
	public void setPasswordEncoder(PasswordEncoder pwdEncoder){
		this.pwdEncoder = pwdEncoder;
	}
}
